We were recently required to use an application that, for whatever reason, doesn't get along with our ISA 2004 authentication. A logical step is to add the destination to the direct access list, which I've done. It doesn't seem to make any difference. I have confirmed that a PC loaded with the FWC and browser settings cannot connect with a "Proxy authentication required" error. If I disable proxy settings in IE it can connect, but our environment needs both.
I've aded the site to the domains list (using several different formats including *.domain.com/*), updated the firewall client, rebooted, deleted wpad locally, setup autoconfig via GPO, disabled FWC and or browser settings etc. I can't seem to bypass the proxy config using direct access no matter what configuration I try.
Any ideas? It all makes perfect sense. It just doesn't work. It appears to be ignoring the direct access list. Do I need a coresponding rule? I've got 'em, cause it works withotu browser settings.
I did create a rule allowing all traffic to that particular URL. I gave all users permissions, however that doesn't fix my issue with the direct access list. I would rather get this working instead of creating rules for every app/connection.
In the end the rule worked. I first re-wrote the web app as a desktop app to use the current user permissions, but this wasn't a long term solution. I ended up using the rule instead and locking it down as much as possible.
If anybody has any ideas about why the direct access list approach isn't working I'd appreciate any info.